There are two things the average business executive should take away from all this. The first is that when it comes to electronic communications there may be no such thing as private. If you are saying something that you would not want the rest of the world to one day know it’s not advisable to put it in an email.

The second more important issue is the pressing need to protect intellectual property. For the most part IT organizations that try to protect everything almost always wind up protecting nothing. Organizations need to identify their more important data and concentrate the majority of their efforts on securing that data. In fact, John Riggi, managing director with BDO Consulting and former FBI Section Chief for the Cyber Division Outreach Section, says organizations should take a page from the way governments handle classified data. There may be an occasional breach of protocol as evidenced by the use of a private email server. But for the most part, Riggi says the government does an admirable job of securing classified data that is handled much differently than data this is unclassified. The good news is we’re already seeing a major surge in the use of encryption being applied to data that is both at rest and in transit.

Of course, there’s still no such thing as perfect security. If an end user that has the rights in place to read encrypted data has their credentials hacked no amount of encryption is going to matter. That data can be read by hackers pretending to be that employee. Because of this issue an organization that encrypts data need to be wary of becoming overly dependent on one single layer of security that, much like any other form of standalone security, can be compromised. Encryption is only really effective when it’s part of a layered security strategy that protects employee credentials.

When it comes to IT security these days it’s not necessarily that we live in a brand new world. Rather, it’s just more people are becoming aware of what type of world we do live in. Given the current state of IT security, however, that’s not a necessarily a bad thing.

Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.